Mass. Cops Hit by 'Ransomware' Attack, Must Buy Back Own Files

By Christopher Coble, Esq. on April 08, 2015 | Last updated on March 21, 2019

The Tewksbury Police Department paid $500 to regain access to its computer files after an anonymous hacker encrypted their data.

The department received a pop-up ransom note that read, "Your personal files are encrypted. File decryption costs ~ $500." After numerous attempts to unlock the data themselves, Tewksbury paid the ransom in bitcoin.

Cuffed by Encryption

Tewksbury Police Chief Timothy Sheehan initially thought the computer slowdown was a normal glitch or a virus. But after repeated attempts by state and federal law enforcement as well as two Internet security firms to unlock the data failed, he realized "it was a little bit bigger than that. It was more like cyberterrorism."

The attack used ransomware called KEYHolder, which proved unbreakable. The hackers also demanded that the bitcoin payment be sent through a technology known as Tor, which obscures the physical location where the payment is received.

Tewksbury wasn't the first police department to be targeted for data ransom: departments in Swansea, Mass., along Chicago, Dickson County, Tenn., Durham, N.H., and Collinsville, Ala. were also targeted. Not all of them paid up, however, with some offices relying on backups and others determined not to give in to threats.


These new ransomware programs can find their way into secure computer networks via the same old malware methods: usually innocuous-looking emails. The program then encrypts the victim's data, rendering it useless without a digital key.

The keys are then ransomed back to the victim, usually for a few hundred dollars. But those few hundred can add up quickly. Experts estimate that another ransomware program, CryptoWall, infected more than 600,000 computers worldwide in just six months last year, netting the gang that operated CryptoWall in about $1 million in total ransom payments.

The lesson, as always, for kids and for cops: don't clink on random email links and always have secure backups of all of your files.

Follow FindLaw for Consumers on Facebook and Twitter (@FindLawConsumer).

Related Resources:

Copied to clipboard